N°1260 new db_tls.verify_server_cert option to force server certificates check

SVN:trunk[5381]
This commit is contained in:
Pierre Goiffon
2018-03-05 15:50:18 +00:00
parent e66d577f21
commit d96015f2c1
6 changed files with 52 additions and 16 deletions

View File

@@ -533,11 +533,13 @@ if (class_exists('ZipArchive')) // The setup must be able to start even if the "
$sTlsCA = $oConfig->Get('db_tls.ca');
$sTlsCaPath = $oConfig->Get('db_tls.capath');
$sTlsCipher = $oConfig->Get('db_tls.cipher');
$bTlsVerifyServerCert = $oConfig->Get('db_tls.verify_server_cert');
try
{
$oMysqli = CMDBSource::GetMysqliInstance($sServer, $sUser, $sPwd, $sSource, $sTlsKey, $sTlsCert,
$sTlsCA, $sTlsCaPath, $sTlsCipher, false);
$oMysqli = CMDBSource::GetMysqliInstance($sServer, $sUser, $sPwd, $sSource,
$sTlsKey, $sTlsCert, $sTlsCA, $sTlsCaPath, $sTlsCipher,
false, $bTlsVerifyServerCert);
if ($oMysqli->connect_errno)
{

View File

@@ -1165,7 +1165,8 @@ EOF
try
{
$oDBSource = new CMDBSource;
$oDBSource->Init($sDBServer, $sDBUser, $sDBPwd, '', $sTlsKey, $sTlsCert, $sTlsCA, $sTlsCipher);
$oDBSource->Init($sDBServer, $sDBUser, $sDBPwd, '', $sTlsKey, $sTlsCert, $sTlsCA, $sTlsCaPath, $sTlsCipher,
false);
$aResult['checks'][] = new CheckResult(CheckResult::INFO, "Connection to '$sDBServer' as '$sDBUser' successful.");
$aResult['checks'][] = new CheckResult(CheckResult::INFO, "Info - User privileges: ".($oDBSource->GetRawPrivileges()));
@@ -1279,16 +1280,20 @@ EOF
* @param string $sTlsKey
* @param string $sTlsCert
* @param string $sTlsCa
* @param string $sTlsCapath
*
* @param string $sTlsCipher
*
* @return string
* @throws MySQLException
* @throws \MySQLException
*/
static public function GetMySQLVersion(
$sDBServer, $sDBUser, $sDBPwd, $sTlsKey = null, $sTlsCert = null, $sTlsCa = null, $sTlsCipher = null
$sDBServer, $sDBUser, $sDBPwd, $sTlsKey = null, $sTlsCert = null, $sTlsCa = null, $sTlsCapath = null,
$sTlsCipher = null
)
{
$oDBSource = new CMDBSource;
$oDBSource->Init($sDBServer, $sDBUser, $sDBPwd, '', $sTlsKey, $sTlsCert, $sTlsCa, $sTlsCipher);
$oDBSource->Init($sDBServer, $sDBUser, $sDBPwd, '', $sTlsKey, $sTlsCert, $sTlsCa, $sTlsCapath, $sTlsCipher);
$sDBVersion = $oDBSource->GetDBVersion();
return $sDBVersion;
}

View File

@@ -2548,7 +2548,15 @@ class WizStepDone extends WizardStep
$sForm .= "<p style=\"text-align:center;width:100%\"><button id=\"enter_itop\" type=\"submit\">Enter ".ITOP_APPLICATION."</button></p>";
$sForm .= '</form>';
$sPHPVersion = phpversion();
$sMySQLVersion = SetupUtils::GetMySQLVersion($this->oWizard->GetParameter('db_server'), $this->oWizard->GetParameter('db_user'), $this->oWizard->GetParameter('db_pwd'));
$sMySQLVersion = SetupUtils::GetMySQLVersion(
$this->oWizard->GetParameter('db_server'),
$this->oWizard->GetParameter('db_user'),
$this->oWizard->GetParameter('db_pwd'),
$this->oWizard->GetParameter('db_tls_key'),
$this->oWizard->GetParameter('db_tls_cert'),
$this->oWizard->GetParameter('db_tls_ca'),
$this->oWizard->GetParameter('db_tls_capath'),
$this->oWizard->GetParameter('db_tls_cipher'));
$aParameters = json_decode($this->oWizard->GetParameter('selected_components', '{}'), true);
$sCompactWizChoices = array();
foreach($aParameters as $iStep => $aChoices)